CVE-2024-50222

In the Linux kernel, the following vulnerability has been resolved: ioviter: fix copypagefromiteratomic if KMAPLOCALFORCEMAP generic/077 on x8632 CONFIGDEBUGKMAPLOCALFORCEMAP=y with highmem, on huge=always tmpfs, issues a warning and then hangs interruptibly: WARNING: CPU: 5 PID: 3517 at...

CVE-2024-50222 iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP

In the Linux kernel, the following vulnerability has been resolved: ioviter: fix copypagefromiteratomic if KMAPLOCALFORCEMAP generic/077 on x8632 CONFIGDEBUGKMAPLOCALFORCEMAP=y with highmem, on huge=always tmpfs, issues a warning and then hangs interruptibly: WARNING: CPU: 5 PID: 3517 at...

CVE-2024-50222 iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP

In the Linux kernel, the following vulnerability has been resolved: ioviter: fix copypagefromiteratomic if KMAPLOCALFORCEMAP generic/077 on x8632 CONFIGDEBUGKMAPLOCALFORCEMAP=y with highmem, on huge=always tmpfs, issues a warning and then hangs interruptibly: WARNING: CPU: 5 PID: 3517 at...

Kconfig-Hardened-Check - A Tool For Checking The Hardening Options In The Linux Kernel Config

Motivation There are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros. We have to enable these options ourselves to make our systems more secure. But nobody likes checking configs manually. So let the computers do their job!...

Unbreakable Enterprise kernel security update

2.6.39-400.327.1 - USB: serial: omninet: fix reference leaks at open Johan Hovold Orabug: 30484765 CVE-2017-8925 - x8632, entry: Store badsys error code in %eax Sven Wegener Orabug: 30783266 CVE-2014-4508 CVE-2014-4508 - x8632, entry: Do syscall exit work on badsys CVE-2014-4508 Andy Lutomirski...

OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0106)

The remote OracleVM system is missing necessary patches to address critical security updates : - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986995 CVE-2017-7895 - ocfs2/o2net: o2netlistendataready should do nothing if socket state is not TCPLISTEN Tariq Saeed...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3535)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3535 advisory. - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 - net: ping: check...

Oracle: Security Advisory (ELSA-2012-1426)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Kernel 3.3.5 - driversmediamedia-device.c Local Information Disclosure

Linux Kernel 3.3.5 - driversmediamedia-device.c Local Information Disclosure / source: https://www.securityfocus.com/bid/68048/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to cause a memory leak to obtain sensitive...

CVE-2013-0151

The dohvmop function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x8632 platform does not prevent HVMPARAMNESTEDHVM aka nested virtualization operations, which allows guest OS users to cause a denial of service long-duration page mappings and host OS crash by leveraging administrative access to ...

CVE-2013-0151

The dohvmop function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x8632 platform does not prevent HVMPARAMNESTEDHVM aka nested virtualization operations, which allows guest OS users to cause a denial of service long-duration page mappings and host OS crash by leveraging administrative access to ...

CVE-2013-0151

The vulnerability CVE-2013-0151 affects Xen 4.2.x on x86_32 where do_hvm_op does not prevent HVM_PARAM_NESTEDHVM, enabling a guest with admin access in a large-VCPU domain to trigger a denial of service (long-duration page mappings/host crash). The provided documents do not specify a fixed patch ...